• Title/Summary/Keyword: Security Techniques

A Statistical Detection Method to Detect Abnormal Cluster Head Election Attacks in Clustered Wireless Sensor Networks (클러스터 기반 WSN에서 비정상적인 클러스터 헤드 선출 공격에 대한 통계적 탐지 기법)

  • Kim, Sumin;Cho, Youngho
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.6 / pp.1165-1170 / 2022
  • In WSNs, a clustering algorithm groups sensor nodes on a unit called a cluster and periodically selects a cluster head (CH) that acts as a communication relay on behalf of nodes in each cluster for the purpose of energy conservation and relay efficiency. Meanwhile, attack techniques also have emerged to intervene in the CH election process through compromised nodes (inside attackers) and have a fatal impact on network operation. However, existing countermeasures such as encryption key-based methods against outside attackers have a limitation to defend against such inside attackers. Therefore, we propose a statistical detection method that detects abnormal CH election behaviors occurring in a WSN cluster. We design two attack methods (Selfish and Greedy attacks) and our proposed defense method in WSNs with two clustering algorithms and conduct experiments to validate our proposed defense method works well against those attacks.

The Status of the Bring Your Own Device (BYOD) in Saudi Arabia: Dataset

  • Khalid A. Almarhabi;Adel A. Bahaddad;Ahmed M. Alghamdi
    • International Journal of Computer Science & Network Security / v.23 no.2 / pp.203-209 / 2023
  • The paper brings across data that is utilized in the Bring Your Own Device (BYOD) status collected between February and April of 2021 across Saudi Arabia. The data set was collected using questionnaires established through online mechanisms for the respondents. In the questionnaire, personal details included five questions while seven questions addressed the working model of personal mobile devices. Six questions addressed the awareness of employees bring your own device awareness for employees comprised seven questions and two questions addressed the benefits of business achievements. In the identification of suitable respondents for the research, two approaches were applied. The research demanded that the respondents be Saudi Arabian nationals and have attained 18 years. Snowball and purposive techniques were applied in the collection of information from a wide area of Saudi Arabia while employing social media approaches that include the use of WhatsApp and emails in the collection of data. The approach ensured the collection of data from 857 respondents used in the identification of the status as well as issues across the BYOD environment and accompanying solutions. The data was also used in the provision of awareness in the community through short-term courses, cyber security training and awareness programs. The results of the research are therefore applicable to the context of the Saudi Arabian country that is currently facing issues in dealing with the application of personal devices in the work environment.

Malware Detection Using Deep Recurrent Neural Networks with no Random Initialization

  • Amir Namavar Jahromi;Sattar Hashemi
    • International Journal of Computer Science & Network Security / v.23 no.8 / pp.177-189 / 2023
  • Malware detection is an increasingly important operational focus in cyber security, particularly given the fast pace of such threats (e.g., new malware variants introduced every day). There has been great interest in exploring the use of machine learning techniques in automating and enhancing the effectiveness of malware detection and analysis. In this paper, we present a deep recurrent neural network solution as a stacked Long Short-Term Memory (LSTM) with a pre-training as a regularization method to avoid random network initialization. In our proposal, we use global and short dependencies of the inputs. With pre-training, we avoid random initialization and are able to improve the accuracy and robustness of malware threat hunting. The proposed method speeds up the convergence (in comparison to stacked LSTM) by reducing the length of malware OpCode or bytecode sequences. Hence, the complexity of our final method is reduced. This leads to better accuracy, higher Matthews Correlation Coefficients (MCC), and Area Under the Curve (AUC) in comparison to a standard LSTM with similar detection time. Our proposed method can be applied in real-time malware threat hunting, particularly for safety critical systems such as eHealth or Internet of Military of Things where poor convergence of the model could lead to catastrophic consequences. We evaluate the effectiveness of our proposed method on Windows, Ransomware, Internet of Things (IoT), and Android malware datasets using both static and dynamic analysis. For the IoT malware detection, we also present a comparative summary of the performance on an IoT-specific dataset of our proposed method and the standard stacked LSTM method. More specifically, our proposed method achieves an accuracy of 99.1% in detecting IoT malware samples, with AUC of 0.985, and MCC of 0.95; thus, outperforming standard LSTM based methods in these key metrics.

A High Speed Optimized Implementation of Lightweight Cryptography TinyJAMBU on Internet of Things Processor 8-Bit AVR (사물 인터넷 프로세서 8-bit AVR 상에서의 경량암호 TinyJAMBU 고속 최적 구현)

  • Hyeok-Dong Kwon;Si-Woo Eum;Min-Joo Sim;Yu-Jin Yang;Hwa-Jeong Seo
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.2 / pp.183-191 / 2023
  • Cryptographic algorithms require extensive computational resources and rely on complex mathematical principles for security. However, IoT devices have limited resources, leading to insufficient computing power. As a result, lightweight cryptography has emerged, which uses fewer computational resources. NIST organized a competition to standardize lightweight cryptography and TinyJAMBU, one of the algorithms in the competition, is a permutation-based algorithm that repeats many permutation operations. In this paper, we implement TinyJAMBU on an 8-bit AVR processor with a proposed technique that includes a reverse shift method and precomputing some operations in a fixed key and nonce environment. Our techniques showed a maximum performance improvement of 7.03 times in permutation operations and 5.87 times in the TinyJAMBU algorithm, improving up to 9.19 times in a fixed key and nonce environment.

A Study on Android Malware Detection using Selected Features (선별된 특성 정보를 이용한 안드로이드 악성 앱 탐지 연구)

  • Myeong, Sangjoon;Kim, Kangseok
    • Journal of Convergence for Information Technology / v.12 no.3 / pp.17-24 / 2022
  • Mobile malicious apps are increasing rapidly, and Android, which accounts for most of the global mobile OS market, is becoming a major target of mobile cyber security threats. Therefore, in order to cope with rapidly evolving malicious apps, there is a need for detection techniques of malicious apps using machine learning, one of artificial intelligence implementation technologies. In this paper, we propose a selected feature method using feature selection and feature extraction that can improve the detection performance of malicious apps. In the feature selection process, the detection performance improved according to the number of features, and the API showed relatively better detection performance than the permission. Also combining the two characteristics showed high precision of over 93% on average, confirming that the appropriate combination of characteristics could improve the detection performance.

Anatomy of Sentiment Analysis of Tweets Using Machine Learning Approach

  • Misbah Iram;Saif Ur Rehman;Shafaq Shahid;Sayeda Ambreen Mehmood
    • International Journal of Computer Science & Network Security / v.23 no.10 / pp.97-106 / 2023
  • Sentiment analysis using social network platforms such as Twitter has achieved tremendous results. Twitter is an online social networking site that contains a rich amount of data. The platform is known as an information channel corresponding to different sites and categories. Tweets are most often publicly accessible with very few limitations and security options available. Twitter also has powerful tools to enhance the utility of Twitter and a powerful search system to make publicly accessible the recently posted tweets by keyword. As popular social media, Twitter has the potential for interconnectivity of information, reviews, updates, and all of which is important to engage the targeted population. In this work, numerous methods that perform a classification of tweet sentiment in Twitter are discussed. There has been a lot of work in the field of sentiment analysis of Twitter data. This study provides a comprehensive analysis of the most standard and widely applicable techniques for opinion mining that are based on machine learning and lexicon-based along with their metrics. The proposed work is helpful to analyze the information in the tweets where opinions are highly unstructured, heterogeneous, and polarized positive, negative or neutral. In order to validate the performance of the proposed framework, an extensive series of experiments has been performed on the real-world Twitter dataset that alter to show the effectiveness of the proposed framework. This research effort also highlighted the recent challenges in the field of sentiment analysis along with the future scope of the proposed work.

Study on the Implementation of SBOM(Software Bill Of Materials) in Operational Nuclear Facilities (가동 중 원자력시설의 SBOM(Software Bill Of Materials)구현방안 연구)

  • Do-yeon Kim;Seong-su Yoon;Ieck-chae Euom
    • Journal of the Korea Institute of Information Security & Cryptology / v.34 no.2 / pp.229-244 / 2024
  • Recently, supply chain attacks against nuclear facilities such as "Evil PLC" are increasing due to the application of digital technology in nuclear power plants such as the APR1400 reactor. Nuclear supply chain security requires an asset management system that can systematically manage a large number of providers due to the nature of the industry. However, due to the nature of the control system, there is a problem of inconsistent management of attribute information due to the long lifecycle of software assets. In addition, due to the availability of the operational technology, the introduction of automated configuration management is insufficient, and limitations such as input errors exist. This study proposes a systematic asset management system using SBOM (Software Bill Of Materials) and an improvement for input errors using natural language processing techniques.

A Share Hardening Method for Multi-Factor Secret Sharing (다중-요소 비밀 공유를 위한 지분 강화 기법)

  • Sung Wook Chung;Min Soo Ryu
    • KIPS Transactions on Computer and Communication Systems / v.13 no.1 / pp.31-37 / 2024
  • Conventional secret sharing techniques often derive shares from randomly generated polynomials or planes, resulting in lengthy and complex shares that are challenging to memorize and/or manage without the aid of a separate computer or specialized device. Modifying existing secret sharing methods to use a predetermined value, such as a memorizable password or bio-metric information, offers a solution. However, this approach raises concerns about security, especially when the predetermined value lacks randomness or has low entropy. In such cases, adversaries may deduce a secret S with just (t - 1) shares by guessing the predetermined value or employing brute force attacks. In this paper, we introduce a share hardening method designed to ensure the security of secret sharing while enabling the use of memorizable passwords or biometric information as predetermined shares.

Financial Fraud Detection using Data Mining: A Survey

  • Sudhansu Ranjan Lenka;Bikram Kesari Ratha
    • International Journal of Computer Science & Network Security / v.24 no.9 / pp.169-185 / 2024
  • Due to levitate and rapid growth of E-Commerce, most of the organizations are moving towards cashless transaction. Unfortunately, the cashless transactions are not only used by legitimate users but also it is used by illegitimate users and which results in trouncing of billions of dollars each year worldwide. Fraud prevention and Fraud Detection are two methods used by the financial institutions to protect against these frauds. Fraud prevention systems (FPSs) are not sufficient enough to provide full security to the E-Commerce systems. However, with the combined effect of Fraud Detection Systems (FDS) and FPS might protect the frauds. However, there still exist so many issues and challenges that degrade the performances of FDSs, such as overlapping of data, noisy data, misclassification of data, etc. This paper presents a comprehensive survey on financial fraud detection system using such data mining techniques. Over seventy research papers, mainly within the period 2002-2015, were reviewed and analyzed in this study. The data mining approaches employed in this research include Neural Network, Logistic Regression, Bayesian Belief Network, Support Vector Machine (SVM), Self Organizing Map (SOM), K-Nearest Neighbor (K-NN), Random Forest and Genetic Algorithm. The algorithms that have achieved high success rate in detecting credit card fraud are Logistic Regression (99.2%), SVM (99.6%) and Random Forests (99.6%). But, the most suitable approach is SOM because it has achieved perfect accuracy of 100%. But the algorithms implemented for financial statement fraud have shown a large difference in accuracy from CDA at 71.4% to a probabilistic neural network with 98.1%. In this paper, we have identified the research gap and specified the performance achieved by different algorithms based on parameters like accuracy, sensitivity and specificity. Some of the key issues and challenges associated with the FDS have also been identified.

Validation of a New Design of Tellurium Dioxide-Irradiated Target

  • Fllaoui, Aziz;Ghamad, Younes;Zoubir, Brahim;Ayaz, Zinel Abidine;Morabiti, Aissam El;Amayoud, Hafid;Chakir, El Mahjoub
    • Nuclear Engineering and Technology / v.48 no.5 / pp.1273-1279 / 2016
  • Production of iodine-131 by neutron activation of tellurium in tellurium dioxide ($TeO_2$) material requires a target that meets the safety requirements. In a radiopharmaceutical production unit, a new lid for a can was designed, which permits tight sealing of the target by using tungsten inert gas welding. The leakage rate of all prepared targets was assessed using a helium mass spectrometer. The accepted leakage rate is ${\leq}10^{-4}mbr.L/s$, according to the approved safety report related to iodine-131 production in the TRIGA Mark II research reactor (TRIGA: Training, Research, Isotopes, General Atomics). To confirm the resistance of the new design to the irradiation conditions in the TRIGA Mark II research reactor's central thimble, a study of heat effect on the sealed targets for 7 hours in an oven was conducted and the leakage rates were evaluated. The results show that the tightness of the targets is ensured up to $600^{\circ}C$ with the appearance of deformations on lids beyond $450^{\circ}C$. The study of heat transfer through the target was conducted by adopting a one-dimensional approximation, under consideration of the three transfer modes: convection, conduction, and radiation. The quantities of heat generated by gamma and neutron heating were calculated by a validated computational model for the neutronic simulation of the TRIGA Mark II research reactor using the Monte Carlo N-Particle transport code. Using the heat transfer equations according to the three modes of heat transfer, the thermal study of I-131 production by irradiation of the target in the central thimble showed that the temperatures of materials do not exceed the corresponding melting points. To validate this new design, several targets have been irradiated in the central thimble according to a preplanned irradiation program, going from 4 hours of irradiation at a power level of 0.5 MW up to 35 hours (7 h/d for 5 days a week) at 1.5 MW. The results show that the irradiated targets are tight because no iodine-131 was released in the atmosphere of the reactor building and in the reactor cooling water of the primary circuit.